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CLAIM AMENDMENTS 
This listing of claims replaces all prior listings of claims submitted in the 
present application: 
Listing of Claims 

1 1. (Currently Amended) A method of authenticating end-user clients 

2 requiring access to services available in a computer-based communication 

3 system having an authentication server and an end-user client , comprising 

4 the steps of: 

5 a) at said an- authentication server connected in said communication 

6 oyotom , defining a plurality list of authentication modules available in said 

7 communication system , wherein at least one of said authentication modules 

8 is a local authentication module executable on said authentication server. 

9 and at least one of said authentication modules is a remote authentication 

10 module, executable on a communication system node remote from said 

11 authentication server: , and 

12 mapping each of a plurality of authentication domain identifiers to a 

13 corresponding configuration of said authentication modules associated with 

14 the [[t]]o authenticating domain identifier s associated to end user clients of 

15 said authontication sorvcr , wherein at least one of said authenticating 

16 domain identifiers each comprise comprises an application service identifier; 
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1 7 b) sending , by an end uoor cliont, a roopoctivo one of said 

18 authentication domain identifiers from said end-user client to said 

19 authentication server; 

20 e) creating, by the authentication server and depending on the 

21 authentication domain identifier, an authentication stack based on the 

22 configuration of authentication modules corresponding to the authentication 

23 domain identifier according to said mapping step specific to oaid end user 

24 client , wherein said authentication stack comprises a plurality of comprising 

25 no or more stack entries, each of said stack entries mapped to a respective 

26 authentication module from among said plurality of authentication modules : 

27 initiating a distributed authentication process at said authentication 

28 server according to each of said stack entries of said authentication stack. 

29 said initiating comprising: 

30 i) determining, for each of stack entries from said stack 

31 entries, whether the stack entry is mapped to any of the 

32 local authentication modules and whether the stack entry 

33 is mapped to any of the remote authentication modules, 

34 ii) for each stack entry determined as mapped to a local 

35 authentication process, triggering a local authentication 

36 process corresponding to said local authentication module. 

37 and 
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38 iii) for each stack entry determined as mapped to any of the 

39 remote authentication modules, triggering a remote 

40 authentication process, corresponding to said remote 

41 authentication module, at a node of said communication 

42 system remote from said authentication server: 

43 d) rendering, for each stack entry and depending thereon, an 

44 authentication service provided at oaid roopoctivo authentication module to 

45 produce an authentication result for that entry; and 

4 6 e) consolidating authentication results of said authentication process, 
4 ? including receiving a result of all local authentication processes and of all 

48 remote authentication processes triggered by said step of initiating an 

49 authentication process, and generating a consolidated result: and 

50 determining to obtain an authentication status for the end-user client 

51 to be one of a successful authentication and a not successful authentication. 

52 based on said consolidated result . 
53 

2-4. (Canceled) 

1 5. (Currently Amended) The method of ao defined in claim 1 [[4]] wherein 

2 the local and remote authentication processes services include at least one of 
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but arc not limited to biometric schemes, cryptographic hardware services, 
smart cards and USB tokens. 



1 6. (Currently Amended) The method of as defined in claim 1 further 

2 comprising, sending a unique session identifier to the end-user client 

3 responsive to said determining an authentication status corresponding to be 

4 a successful authentication. 

7-12. (Canceled) 
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